summaryrefslogtreecommitdiff
path: root/testing
diff options
context:
space:
mode:
Diffstat (limited to 'testing')
-rw-r--r--testing/test_soledad/util.py4
-rw-r--r--testing/tests/client/test_http_client.py3
-rw-r--r--testing/tests/server/test_server.py164
3 files changed, 39 insertions, 132 deletions
diff --git a/testing/test_soledad/util.py b/testing/test_soledad/util.py
index 57f8199b..e44a165d 100644
--- a/testing/test_soledad/util.py
+++ b/testing/test_soledad/util.py
@@ -52,7 +52,6 @@ from leap.soledad.client.sqlcipher import SQLCipherOptions
from leap.soledad.client._crypto import is_symmetrically_encrypted
from leap.soledad.server import SoledadApp
-from leap.soledad.server.auth import SoledadTokenAuthMiddleware
PASSWORD = '123456'
@@ -108,7 +107,7 @@ def make_soledad_app(state):
def make_token_soledad_app(state):
- app = SoledadApp(state)
+ application = SoledadApp(state)
def _verify_authentication_data(uuid, auth_data):
if uuid.startswith('user-') and auth_data == 'auth-token':
@@ -119,7 +118,6 @@ def make_token_soledad_app(state):
def _verify_authorization(uuid, environ):
return True
- application = SoledadTokenAuthMiddleware(app)
application._verify_authentication_data = _verify_authentication_data
application._verify_authorization = _verify_authorization
return application
diff --git a/testing/tests/client/test_http_client.py b/testing/tests/client/test_http_client.py
index a107930a..691c7576 100644
--- a/testing/tests/client/test_http_client.py
+++ b/testing/tests/client/test_http_client.py
@@ -24,7 +24,6 @@ from testscenarios import TestWithScenarios
from leap.soledad.client import auth
from leap.soledad.common.l2db.remote import http_client
from test_soledad.u1db_tests import test_http_client
-from leap.soledad.server.auth import SoledadTokenAuthMiddleware
# -----------------------------------------------------------------------------
@@ -67,7 +66,7 @@ class TestSoledadClientBase(
return res
# mime solead application here.
if '/token' in environ['PATH_INFO']:
- auth = environ.get(SoledadTokenAuthMiddleware.HTTP_AUTH_KEY)
+ auth = environ.get('HTTP_AUTHORIZATION')
if not auth:
start_response("401 Unauthorized",
[('Content-Type', 'application/json')])
diff --git a/testing/tests/server/test_server.py b/testing/tests/server/test_server.py
index 09242736..12f6fb20 100644
--- a/testing/tests/server/test_server.py
+++ b/testing/tests/server/test_server.py
@@ -18,11 +18,9 @@
Tests for server-related functionality.
"""
import binascii
-import mock
import os
import pytest
-from hashlib import sha512
from pkg_resources import resource_filename
from urlparse import urljoin
from uuid import uuid4
@@ -46,36 +44,6 @@ from leap.soledad.client import Soledad
from leap.soledad.server.config import load_configuration
from leap.soledad.server.config import CONFIG_DEFAULTS
from leap.soledad.server.auth import URLMapper
-from leap.soledad.server.auth import SoledadTokenAuthMiddleware
-
-
-class ServerAuthenticationMiddlewareTestCase(CouchDBTestCase):
-
- def setUp(self):
- super(ServerAuthenticationMiddlewareTestCase, self).setUp()
- app = mock.Mock()
- self._state = CouchServerState(self.couch_url)
- app.state = self._state
- self.auth_middleware = SoledadTokenAuthMiddleware(app)
- self._authorize('valid-uuid', 'valid-token')
-
- def _authorize(self, uuid, token):
- token_doc = {}
- token_doc['_id'] = sha512(token).hexdigest()
- token_doc[self._state.TOKENS_USER_ID_KEY] = uuid
- token_doc[self._state.TOKENS_TYPE_KEY] = \
- self._state.TOKENS_TYPE_DEF
- dbname = self._state._tokens_dbname()
- db = self.couch_server.create(dbname)
- db.save(token_doc)
- self.addCleanup(self.delete_db, db.name)
-
- def test_authorized_user(self):
- is_authorized = self.auth_middleware._verify_authentication_data
- self.assertTrue(is_authorized('valid-uuid', 'valid-token'))
- self.assertFalse(is_authorized('valid-uuid', 'invalid-token'))
- self.assertFalse(is_authorized('invalid-uuid', 'valid-token'))
- self.assertFalse(is_authorized('eve', 'invalid-token'))
class ServerAuthorizationTestCase(BaseSoledadTest):
@@ -90,12 +58,6 @@ class ServerAuthorizationTestCase(BaseSoledadTest):
def tearDown(self):
pass
- def _make_environ(self, path_info, request_method):
- return {
- 'PATH_INFO': path_info,
- 'REQUEST_METHOD': request_method,
- }
-
def test_verify_action_with_correct_dbnames(self):
"""
Test encrypting and decrypting documents.
@@ -120,146 +82,94 @@ class ServerAuthorizationTestCase(BaseSoledadTest):
dbname = 'user-%s' % uuid
# test global auth
- match = urlmap.match(self._make_environ('/', 'GET'))
+ match = urlmap.match('/', 'GET')
+ self.assertIsNotNone(match)
# test shared-db database resource auth
- match = urlmap.match(
- self._make_environ('/shared', 'GET'))
+ match = urlmap.match('/shared', 'GET')
self.assertIsNotNone(match)
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared', 'PUT')))
+ match = urlmap.match('/shared', 'PUT')
+ self.assertIsNone(match)
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared', 'DELETE')))
+ match = urlmap.match('/shared', 'DELETE')
+ self.assertIsNone(match)
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared', 'POST')))
+ match = urlmap.match('/shared', 'POST')
+ self.assertIsNone(match)
# test shared-db docs resource auth
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared/docs', 'GET')))
+ self.assertIsNone(urlmap.match('/shared/docs', 'GET'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared/docs', 'PUT')))
+ self.assertIsNone(urlmap.match('/shared/docs', 'PUT'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared/docs', 'DELETE')))
+ self.assertIsNone(urlmap.match('/shared/docs', 'DELETE'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared/docs', 'POST')))
+ self.assertIsNone(urlmap.match('/shared/docs', 'POST'))
# test shared-db doc resource auth
- match = urlmap.match(
- self._make_environ('/shared/doc/x', 'GET'))
+ match = urlmap.match('/shared/doc/x', 'GET')
self.assertIsNotNone(match)
self.assertEqual('x', match.get('id'))
- match = urlmap.match(
- self._make_environ('/shared/doc/x', 'PUT'))
+ match = urlmap.match('/shared/doc/x', 'PUT')
self.assertIsNotNone(match)
self.assertEqual('x', match.get('id'))
- match = urlmap.match(
- self._make_environ('/shared/doc/x', 'DELETE'))
+ match = urlmap.match('/shared/doc/x', 'DELETE')
self.assertEqual('x', match.get('id'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared/doc/x', 'POST')))
+ self.assertIsNone(urlmap.match('/shared/doc/x', 'POST'))
# test shared-db sync resource auth
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared/sync-from/x', 'GET')))
+ self.assertIsNone(urlmap.match('/shared/sync-from/x', 'GET'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared/sync-from/x', 'PUT')))
+ self.assertIsNone(urlmap.match('/shared/sync-from/x', 'PUT'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared/sync-from/x', 'DELETE')))
+ self.assertIsNone(urlmap.match('/shared/sync-from/x', 'DELETE'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/shared/sync-from/x', 'POST')))
+ self.assertIsNone(urlmap.match('/shared/sync-from/x', 'POST'))
# test user-db database resource auth
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s' % dbname, 'GET')))
+ self.assertIsNone(urlmap.match('/%s' % dbname, 'GET'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s' % dbname, 'PUT')))
+ self.assertIsNone(urlmap.match('/%s' % dbname, 'PUT'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s' % dbname, 'DELETE')))
+ self.assertIsNone(urlmap.match('/%s' % dbname, 'DELETE'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s' % dbname, 'POST')))
+ self.assertIsNone(urlmap.match('/%s' % dbname, 'POST'))
# test user-db docs resource auth
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s/docs' % dbname, 'GET')))
+ self.assertIsNone(urlmap.match('/%s/docs' % dbname, 'GET'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s/docs' % dbname, 'PUT')))
+ self.assertIsNone(urlmap.match('/%s/docs' % dbname, 'PUT'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s/docs' % dbname, 'DELETE')))
+ self.assertIsNone(urlmap.match('/%s/docs' % dbname, 'DELETE'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s/docs' % dbname, 'POST')))
+ self.assertIsNone(urlmap.match('/%s/docs' % dbname, 'POST'))
# test user-db doc resource auth
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s/doc/x' % dbname, 'GET')))
+ self.assertIsNone(urlmap.match('/%s/doc/x' % dbname, 'GET'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s/doc/x' % dbname, 'PUT')))
+ self.assertIsNone(urlmap.match('/%s/doc/x' % dbname, 'PUT'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s/doc/x' % dbname, 'DELETE')))
+ self.assertIsNone(urlmap.match('/%s/doc/x' % dbname, 'DELETE'))
- self.assertIsNone(
- urlmap.match(
- self._make_environ('/%s/doc/x' % dbname, 'POST')))
+ self.assertIsNone(urlmap.match('/%s/doc/x' % dbname, 'POST'))
# test user-db sync resource auth
- match = urlmap.match(
- self._make_environ('/%s/sync-from/x' % dbname, 'GET'))
+ match = urlmap.match('/%s/sync-from/x' % dbname, 'GET')
self.assertEqual(uuid, match.get('uuid'))
self.assertEqual('x', match.get('source_replica_uid'))
- match = urlmap.match(
- self._make_environ('/%s/sync-from/x' % dbname, 'PUT'))
+ match = urlmap.match('/%s/sync-from/x' % dbname, 'PUT')
self.assertEqual(uuid, match.get('uuid'))
self.assertEqual('x', match.get('source_replica_uid'))
- match = urlmap.match(
- self._make_environ('/%s/sync-from/x' % dbname, 'DELETE'))
+ match = urlmap.match('/%s/sync-from/x' % dbname, 'DELETE')
self.assertIsNone(match)
- match = urlmap.match(
- self._make_environ('/%s/sync-from/x' % dbname, 'POST'))
+ match = urlmap.match('/%s/sync-from/x' % dbname, 'POST')
self.assertEqual(uuid, match.get('uuid'))
self.assertEqual('x', match.get('source_replica_uid'))